Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/NHT4Ire_F8NAl-Tb7bg1fVCCio4.roa
File: NHT4Ire_F8NAl-Tb7bg1fVCCio4.roa (raw, json)
Hash identifier: AOaMGPdwVSY1SaEMTRPF4k/DYj0UzZkZvvG3vvPDmyk=
Subject key identifier: 34:74:F8:22:B7:BF:17:C3:40:97:E4:DB:ED:B8:35:7D:50:82:8A:8E
Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Certificate serial: 1E8B
Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/NHT4Ire_F8NAl-Tb7bg1fVCCio4.roa
Signing time: Thu 05 Jun 2025 08:54:28 +0000
ROA not before: Thu 05 Jun 2025 08:54:28 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 17621
IP address blocks: 103.200.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7819 (0x1e8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Validity
Not Before: Jun 5 08:54:28 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3474F822B7BF17C34097E4DBEDB8357D50828A8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9a:54:f2:ab:eb:4c:5e:45:8d:3c:db:6e:6c:
04:fb:33:9f:4d:50:39:09:af:06:f7:f4:fc:19:5b:
a6:88:30:21:cf:a2:c4:c2:e5:c5:6a:81:83:80:94:
43:04:ef:e9:ed:c7:5f:d1:31:be:23:c9:3b:69:09:
87:84:5f:8b:06:78:eb:39:6a:a6:ce:d6:e1:10:44:
3a:4f:f4:d5:45:94:aa:a6:5d:8f:bc:d6:86:2c:cf:
fc:b2:52:d2:1f:e1:b2:79:ba:44:c2:a4:f4:1b:9a:
19:ba:0a:48:73:cb:1f:7c:f5:0a:c8:24:99:63:c9:
c8:2b:03:15:7b:f1:2c:69:26:eb:fa:31:0a:25:1c:
cf:30:1e:28:ee:16:4a:ad:f5:c0:48:e2:e1:7f:10:
69:a5:73:0c:2e:fe:0c:81:fc:27:78:73:6a:b9:87:
d3:f9:98:20:40:1c:a2:24:ae:b8:e2:68:01:f4:0e:
b9:eb:04:7e:18:a2:20:b6:35:a7:4d:20:19:fb:38:
8e:1d:55:b2:9e:19:d7:95:d0:0c:b4:dd:fe:52:6c:
bc:23:14:36:41:41:d7:2c:02:1c:df:34:15:a4:92:
7f:ba:03:e0:6d:2e:8c:22:cd:8e:3b:5b:03:53:b9:
b2:49:69:9b:1a:4e:33:46:d3:42:72:0e:2b:1b:d0:
7b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:74:F8:22:B7:BF:17:C3:40:97:E4:DB:ED:B8:35:7D:50:82:8A:8E
X509v3 Authority Key Identifier:
keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/NHT4Ire_F8NAl-Tb7bg1fVCCio4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.200.220.0/22
Signature Algorithm: sha256WithRSAEncryption
38:c0:fb:8f:5e:02:47:5b:48:ff:8a:1e:f9:f9:d9:83:97:d2:
b9:df:e0:df:9d:b0:41:4c:03:cc:7f:6a:e0:e7:f5:12:d7:c3:
f2:2f:88:a3:ea:c1:ac:6a:32:25:5a:1b:94:31:46:a4:0d:66:
7f:33:b3:62:f5:1a:23:4d:b8:03:9d:36:bc:e2:2f:8a:f1:4a:
c8:7e:d9:44:d0:a2:40:0b:98:86:89:a0:c6:79:2a:cb:6d:d4:
7e:76:ff:69:b1:05:22:e2:60:55:cd:29:ff:88:44:a4:c6:6c:
5a:35:9a:7f:fc:f1:5d:d9:58:12:2b:c3:c0:ec:c6:3c:93:3b:
2d:a3:fd:f9:fc:0b:bf:5a:e9:da:db:48:21:79:47:bc:c8:e0:
6d:6b:51:81:e7:60:1b:08:92:9d:78:70:fe:b0:ed:e8:fe:85:
28:70:a8:98:59:99:b2:e4:96:85:1a:19:a2:64:b7:ce:ed:70:
f2:b8:bd:00:19:f5:26:fd:6e:7e:b2:27:03:40:0e:4c:d5:8a:
21:d8:84:40:3c:64:c4:b0:1b:df:1d:f5:85:82:e3:bc:b3:23:
07:14:00:2f:32:e0:a6:26:02:f1:d9:21:7e:13:19:5d:d2:32:
17:4d:d5:c1:f1:4d:d2:f8:fd:3e:9f:e7:a6:25:11:84:0a:63:
f9:fe:61:b9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHoswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1
MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA2MDUw
ODU0MjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM0NzRGODIyQjdCRjE3
QzM0MDk3RTREQkVEQjgzNTdENTA4MjhBOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFmlTyq+tMXkWNPNtubAT7M59NUDkJrwb39PwZW6aIMCHPosTC
5cVqgYOAlEME7+ntx1/RMb4jyTtpCYeEX4sGeOs5aqbO1uEQRDpP9NVFlKqmXY+8
1oYsz/yyUtIf4bJ5ukTCpPQbmhm6Ckhzyx989QrIJJljycgrAxV78SxpJuv6MQol
HM8wHijuFkqt9cBI4uF/EGmlcwwu/gyB/Cd4c2q5h9P5mCBAHKIkrrjiaAH0Drnr
BH4YoiC2NadNIBn7OI4dVbKeGdeV0Ay03f5SbLwjFDZBQdcsAhzfNBWkkn+6A+Bt
LowizY47WwNTubJJaZsaTjNG00JyDisb0HthAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNHT4Ire/F8NAl+Tb7bg1fVCCio4wHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt
4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx
L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL05IVDRJcmVfRjhOQWwt
VGI3YmcxZlZDQ2lvNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnyNwwDQYJKoZIhvcNAQELBQADggEBADjA+49eAkdbSP+KHvn52YOX0rnf4N+d
sEFMA8x/auDn9RLXw/IviKPqwaxqMiVaG5QxRqQNZn8zs2L1GiNNuAOdNrziL4rx
Ssh+2UTQokALmIaJoMZ5Kstt1H52/2mxBSLiYFXNKf+IRKTGbFo1mn/88V3ZWBIr
w8DsxjyTOy2j/fn8C79a6drbSCF5R7zI4G1rUYHnYBsIkp14cP6w7ej+hShwqJhZ
mbLkloUaGaJkt87tcPK4vQAZ9Sb9bn6yJwNADkzViiHYhEA8ZMSwG98d9YWC47yz
IwcUAC8y4KYmAvHZIX4TGV3SMhdN1cHxTdL4/T6f56YlEYQKY/n+Ybk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 09:43:31 2025 by rpki-client